diff -NurpP --minimal linux-2.6.29.1-vs2.3.0.36.9-pre5/net/ipv4/inet_hashtables.c linux-2.6.29.1-vs2.3.0.36.9-pre6/net/ipv4/inet_hashtables.c
--- linux-2.6.29.1-vs2.3.0.36.9-pre5/net/ipv4/inet_hashtables.c	2009-03-24 19:35:10.000000000 +0100
+++ linux-2.6.29.1-vs2.3.0.36.9-pre6/net/ipv4/inet_hashtables.c	2009-04-17 15:35:48.000000000 +0200
@@ -126,6 +126,11 @@ static inline int compute_score(struct s
 			if (rcv_saddr != daddr)
 				return -1;
 			score += 2;
+		} else {
+			/* block non nx_info ips */
+			if (!v4_addr_in_nx_info(sk->sk_nx_info,
+				daddr, NXA_MASK_BIND))
+				return -1;
 		}
 		if (sk->sk_bound_dev_if) {
 			if (sk->sk_bound_dev_if != dif)